<?php include_once("../helper/DBOperation.php");
	  $dbObj = new DBOperation();

if($_POST){
	$username = trim($_POST['username']);
	$password = trim($_POST['password']);
	$error = "";

	if($username==""){
		$error.= "Username can not be left blank. <BR>";
	}elseif($username!="admin"){
		$error.= "You are not authorized to view this page. <BR>";
	}
	
	if($password==""){
		$error.= "Password can not be left blank. <BR>";
	}

	if($error==""){
		$username = mysql_real_escape_string($username);
		$password = mysql_real_escape_string($password);
		$query = mysql_query("select * from tbl_users where username='".$username."' and password='".md5($password)."'");
		if(mysql_num_rows($query)>0){
			$get_user = mysql_fetch_array($query);
			$_SESSION['id'] = $get_user['id'];
			$_SESSION['user_type'] = "admin";
			$_SESSION['userslog'] = $get_user;
			header("location:user_listing.php");
		}else{
			$error.= "Username and password does not match. <BR>";
		}
	}
	$_SESSION['error'] = $error;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="utf-8">
	<title>Welcome to Admin Panel</title>
	<link href="css/style.css" rel="stylesheet" type="text/css" />
	<script language="JavaScript" src="js/jquery.js"></script>
	<script language="JavaScript" src="js/jquery.validate.js"></script>
</head>
<body>
<div id="container">
	<h1>Admin Login</h1>

	<div id="body">
		
		<div id="user_listing">
			<div id="error" style="color:red;"><?php if(isset($_SESSION['error']) && $_SESSION['error']!="") { echo $_SESSION['error']; unset($_SESSION['error']); }?></div>
			<form id="webform" name="webform" action="index.php" method="post">
				<table id="add_user">
					<tr>
						<td>Username <span id="required"> * </span>: </td>
						<td><input type="text" id="username" name="username" class="text_field_bg required"></td>					
					</tr>
					<tr>
						<td>Password <span id="required"> * </span>: </td>
						<td><input type="password" id="password" name="password" class="text_field_bg required"></td>					
					</tr>
					<tr>
						<td></td>
						<td><input type='submit' id="submit" name="submit" value="Submit" /></td>
					</tr>				
				</table>
			</form>
		</div>
	</div>
</div>

</body>
<script>
	$(document).ready(function(){
		
		$("#webform").validate({
			 
		});
	});   
</script>
</html>
